© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Timothy DiLauro, Solutions Architect, AWS
Joe Gardner, Principal Cloud Architect, National Instruments
November 30, 2016
Achieving Agility by Following Well-Architected Framework Principles
ARC203
What to expect from the session
What is the AWS well-architected framework?
What are core tenets to being well architected?
Customer use case: National Instruments getting to well architected
AWS well-architected framework
Stop guessing capacity needs
Test systems at scale
Data-driven architectures
Automate to enable experimentation
Allow for evolution
General design principles to facilitate good design in the cloud
AWS well-architected framework
Security
Reliability
Performance efficiency
Cost optimization
Operational excellence
Set of questions you can use to evaluate how well an architecture is aligned to AWS best practices
Security pillar
Security at all layers
Enable traceability
Implement a principle of least privilege
Focus on securing system
Automate security best practices
Protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies
Reliability pillar
Test recovery procedures
Automatically recover from failure
Scale horizontally to increase availability
Stop guessing capacity
Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues
Performance efficiency pillar
Democratize advanced technologies
Go global in minutes
Use server-less architectures
Experiment more often
Efficient use of computing resources to meet requirements, and maintaining that efficiency as demand changes and technologies evolve
Cost optimization pillar
Analyze and attribute expenditure
Managed services to reduce TCO
Adopt a consumption model
Benefits from economies of scale
Stop spending money on data center operations
Assess your ability to avoid or eliminate unneeded costs or suboptimal resources, and use those savings on differentiated benefits for your business
Operational excellence pillar
Perform operations with code
Align operations processes to business objectives
Make regular, small, incremental changes
Test for responses to unexpected events
Learn from operational events and failures
Keep operations procedures current
Operational practices and procedures used to manage production workloads
Well-architected framework example issues
Security
Managing keys and credentials – No MFA or rotation policy is in place
Analyzing AWS-specific logs – Logs are not analyzed
Encrypting and protecting data at rest – Data at rest encryption is not required
Reliability
Planning for recovery – Unplanned
Seeking help with AWS infrastructure problems – Ad hoc
System adapts to changes in workload – Ad hoc
Well-architected framework example issues
Performance
Storage solution matches demand – Reactive
Evaluate new storage options – Ad hoc
Evaluate new instance options – Ad hoc
Cost optimization
Meet demand cost effectively – Fixed amount of resources
Govern AWS usage – No policies or mechanisms
NI equips engineers and scientists with systems that accelerate productivity, innovation, and discovery
“Products used from toys to supercolliders”
40-year-old company headquartered in Austin, TX; annual sales greater than $1.25 B
Cloud journey
2013 – Introduced well-architected design
2014 – Launched well-architected product
2015 – All products followed well-architected framework
Started developing on platform in 2008
FPGA Compile Cloud - August 2010
LabVIEW Web UI Builder - November 2010
Cloud infrastructure 2012
EC2-Classic, Elastic Load Balancing, Amazon S3, Amazon SimpleDB
MySQL on EC2
“Root” credentials
Single-AZ
Internally developed tooling
Backups sent to data center
Manual AMI creation
Cloud infrastructure 2012: Challenges
Software deployment took 5–30 minutes
Lack of infrastructure automation
Scaling took 10–30 minutes to meet demand
Deployment of infrastructure was manual, resource intensive, and prone to error
Image used under Creative Commons: https://pixabay.com/en/woman-burnout-multitasking-face-1733891/
FPGA Compile Cloud: Challenges
Increased demand causing scaling issues
Delayed results
Alert fatigue
Manual intervention
FPGA Compile Cloud: Improvement
What can be made faster?
How to reduce alerts?
How to automate it?
How can we better match demand?
FPGA Compile Cloud: Improved scaling design
Scaling to meet demand
Autonomous instances
Intelligent monitoring
Automated deployment
Benefits from well-architected framework
Increased developer efficiency
Decreased scaling latency from 30 minutes to 5
Optimized cost from overprovisioning
Removed data center dependency
Cloud infrastructure 2014
Cloud native services: VPC, Auto Scaling, Amazon Route 53, Amazon CloudFront
RDS-MySQL
Least-privileged access: IAM
Multi-AZ
Cloud native tooling: AWS CloudFormation
Automated AMI process: Ansible
Adopted DevOps principles: Created CI/CD pipelines
Cloud infrastructure 2014: Priority
VPC, Amazon RDS, Elastic Load Balancing, Auto Scaling
CI/CD pipeline
Increased security
CloudFormation
Automated AMI creation
Cloud infrastructure 2014: Units of deployment
Security groups
Load balancer
IAM role
Auto Scaling group
Scaling metrics
Benefits from well-architected framework
Faster updates; decreased time to market
Load tested above production capacity
Reduced attack surface
Cost optimized
Existing products: Desired changes
Area | 2012 | 2015 – Well architected
EC2 | Classic | VPC
Relational database | MySQL on EC2 | RDS-MySQL
Auto Scaling | Zero | Everything
Elastic Load Balancing | External only | Everything
CloudFormation | Zero | 95%
AMI creation | Manual | Automated: Ansible
Application deployment | Manual | AWS CodeDeploy
Existing products: Different priority
New product development (2014) Existing product migration (2015)
VPC, RDS, Elastic Load Balancing,
Auto Scaling
Increased security
CI/CD pipeline VPC, RDS, Elastic Load Balancing,
Auto Scaling
Increased security CloudFormation
Automated AMI creation Automated AMI creation
CloudFormation CI/CD pipeline
Existing Products: Measured Improvements
Area | 2012 | 2015 – Well architected
Security | Root API key | IAM, Network ACL, Egress filtering
Single point of failure | 10+ | 1
Time to create separate environment | 1 month | < 2 hours
Longest code deployment time | 2 weeks | < 4 hours
Typical code deployment time | 15 minutes | < 1 minute
Continuous improvement: Road map
Multiregion disaster recovery
Global applications
Greater automation
Simpler, more efficient
Additional security
Cloud infrastructure 2016: Benefits realized
Increased monitoring
Disaster recovery to another region
Grew from 3 applications to over 11
Automated turning off unused environments
Most valuable lessons learned
Don’t reinvent the wheel
Be willing to make change
Know when architecture is nearing its limits
Take appropriately sized steps
Most valuable lessons learned
It’s a journey, not a destination
Invest time to save time
Automation empowers faster change and improvement
Need qualified people to accomplish